1994-05-22 - No Subject

Header Data

From: anonymous@extropia.wimsey.com
To: (Blind List Only)
Message Hash: 48d659c3cc6b743a5f905a43cde73a699fc3dddbc03309123dc2a44abcf8b427
Message ID: <199405220621.AA00432@xtropia>
Reply To: N/A
UTC Datetime: 1994-05-22 06:38:57 UTC
Raw Date: Sat, 21 May 94 23:38:57 PDT

Raw message

From: anonymous@extropia.wimsey.com
Date: Sat, 21 May 94 23:38:57 PDT
To: (Blind List Only)
Subject: No Subject
Message-ID: <199405220621.AA00432@xtropia>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

	Hello again.  I have been too busy to post very much
to the net recently, but I'm still here.

	As an experiment, I wanted to hack PGP 2.3A to
produce and use 2048-bit keys.  There was nothing sophisticated
about this hack. I just changed MAX_BIT_PRECISION in mpilib.h
to 4096, upgraded the POOLSIZE in random.c to 1024, and changed
the version number to "2.3b" in pgp.c so I would know when I am
running the hacked version.  Generating 2048 bit keys is very
painful, because over 260 bytes need to be typed for the pool.
It took over five minutes to generate the key after the pool
was full.  Once created, though, encryption and decryption are
not significantly slower than with 1024 bit keys, at least not
on my 486DX2/66 running Linux 1.0.  It only took 3 seconds to
encrypt pgpdoc1.txt (using -ea) and 8 seconds to decrypt the
result.

	Of course, the large keys created with "2.3b" are not
compatible with any other version.

	I attempted to use the PSEUDORANDOM compiling
flag, but pgp refused to link.  I suppose I should put some
more effort into resolving this problem.

	I am sending this note out for those who would like to
play with big keys, but did not want to take the time to hunt
through the source looking for the necessary values to change.
Please treat this as an *experiment*.  It is entirely possible
that "2.3b" is potentially insecure, because I have not made any
attempt to locate all of the memory-erasing routines that clean
up after key generation and encryption and confirm that they
erase all of the new memory used.  I hope that the more
sophisticated cypherpunks will not sneer too much at my feeble
beginner's efforts.

	I would like to hear from anyone who performs this
experiment, perhaps with a more sophisticated hack, and
does timing tests on other machines, especially slower
machines like 386's and 68020's.

	Lady Ada

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLd53bKXNQdJx1hMZAQHaEwQApOWGq0P+OqsgYolbZrjaIWhrghhV9KcY
X5DqgKK8NLdND1aR17JVwUEQeo3eFok6NTjioiLg4sIQdTQNOX8Nd9bQgMxswyyi
EIe/6Ki9YrxlArteUoc0zy7MaB0V1sxH3CdvEQmLnr8XKU03pnD7FCZXedjhic93
+Tt4fNrNGYk=
=LmWA
-----END PGP SIGNATURE-----





Thread